Endpoint Cybersecurity GmbH
- Implementing ISO 27001:2022 Annex A.18 – Compliance
- Mapping NIS2 requirements to the ISO 27001:2022 framework
- Implementing ISO 27001:2022 Annex A.17 – Information Security Aspects of Business Continuity Management
- Implementing ISO 27001:2022 Annex A.16 – Information Security Incident Management
- Executive summary: NIS2 Directive for the EU members (updated)
- NIS-2: 10 common misconceptions about the regulation
- Implementing ISO 27001:2022 Annex A.15 – Supplier Relationships
- Understanding ISO 27001:2022 Annex A.14 – System Acquisition, Development, and Maintenance
- Understanding ISO 27001:2022 Annex A.13 – Communications Security
- Understanding ISO 27001:2022 Annex A.12 – Operations Security
Understanding ISO 27001:2022 Annex A.6 – Organization of Information Security
/in Educational
We started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. We start today with ISO 27001:2022 Annex A.6, “Organization of Information Security”, which outlines requirements for establishing an effective management framework to govern information security within an organization. This annex emphasizes the importance of defining roles, responsibilities, […]
Understanding ISO 27001:2022 Annex A.5 – Information Security Policies
/in Educational
We started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. We start today with A.5. Information Security Policies.
Importance of Information Security Policies
Information security policies […]
Annex A of ISO 27001:2022 explained and tips to prepare for an audit
/in Educational
We wrote in the previous article “ISO 27001:2022: chapter by chapter description” about ISO 27001:2022 Annex A. Annex A of ISO 27001:2022 is a vital component of the standard, outlining a comprehensive set of controls that organizations can implement to mitigate information security risks effectively. These controls cover a wide range of areas, including physical security, […]
ISO 27001:2022: chapter by chapter description
/in Educational
Contents: What’s New in ISO 27001:2022; Chapter 1-3: Scope, Normative References and Terms and Definitions; Chapter 4: Context of the Organization; Chapter 5: Leadership; Chapter 6: Planning; Chapter 7: Support; Chapter 8: Operation; Chapter 9: Performance Evaluation; Chapter 10: […]
The ISO 27000 family of protocols and their role in cybersecurity
/in Educational
The ISO 27000 family of protocols represents a series of standards developed by the International Organization for Standardization (ISO) to address various aspects of information security management. These standards provide a framework for organizations to establish, implement, maintain, and continually improve their information security management systems (ISMS). Each standard within the ISO 27000 family serves […]